CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update
Sophos has announced the resolution of three critical security vulnerabilities affecting its Sophos Firewall product, a widely used network security tool. These vulnerabilities, tracked as CVE-2024-12 ... Read more
-
Cybersecurity News
PoC Exploit Released for Databricks Remote Code Execution Vulnerability CVE-2024-49194
A newly discovered vulnerability in the Databricks JDBC Driver (CVE-2024-49194) could allow attackers to remotely execute code on vulnerable systems. The flaw, found by security researchers at Alibaba ... Read more
-
Cybersecurity News
CVE-2024-49576 and CVE-2024-47810: Foxit Addresses Remote Code Execution Flaws
Foxit has released a crucial security update for its widely used Foxit PDF Reader and Foxit PDF Editor. The update, version 2024.4, resolves multiple vulnerabilities that pose significant risks, inclu ... Read more
-
Cybersecurity News
CVE-2024-49775 (CVSS 9.8): Critical Vulnerability in Siemens UMC Exposes Systems to Remote Exploitation
Siemens has disclosed a critical heap-based buffer overflow vulnerability (CVE-2024-49775) in its User Management Component (UMC), a core element integrated into several of its products. If exploited, ... Read more
-
Cybersecurity News
cShell DDoS Bot Exploits Poorly Managed Linux SSH Servers
AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of DDoS malware called cShell, which specifically targets poorly managed Linux SSH servers. The malware exploits weak credentials ... Read more
-
Cybersecurity News
Earth Koshchei’s Rogue RDP Campaign: A Sophisticated APT Attack Targets Governments and Enterprises
Trend Micro has unveiled a large-scale rogue remote desktop protocol (RDP) campaign conducted by the threat group Earth Koshchei. Known for their espionage operations, Earth Koshchei leveraged spear-p ... Read more
-
TheCyberThrone
CISA adds BeyondTrust CVE-2024-12356 to its KEV Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.CVE-2024-12356: Command Injection Vulnerability in BeyondTrust PRA and RSO ... Read more
-
Dark Reading
Fortinet Addresses Unpatched Critical RCE Vector
Source: Konstantin Nechaev via Alamy Stock PhotoNEWS BRIEFFortinet has finally patched a critical security vulnerability in its Wireless LAN Manager (FortiWLM) that could allow unauthenticated sensiti ... Read more
-
CrowdStrike.com
December 2024 Patch Tuesday: 16 Critical and One Zero-Day Among 71 Vulnerabilities
Microsoft has released security updates for 71 vulnerabilities in its December 2024 Patch Tuesday rollout. Among these are 16 Critical vulnerabilities and one zero-day affecting the Windows Common Log ... Read more
-
Dark Reading
Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2
Source: ZUMA Press, Inc. via Alamy Stock PhotoA critical, stubborn new vulnerability in Apache Struts 2 may be under active exploitation already, and fixing it isn't as simple as downloading a patch.S ... Read more